Commit Graph

446 Commits

Author SHA1 Message Date
Tim Rühsen 9ec54644d0 Update PSL submodule 2017-07-19 16:54:35 +02:00
Tim Rühsen 280c130f73 Add fuzz/git_all_corpora 2017-07-19 15:02:03 +02:00
Tim Rühsen bf0f1cda52 Update fuzzer corpora 2017-07-19 15:01:40 +02:00
Tim Rühsen ecc3914172 Fix link libraries for oss-fuzz static building 2017-07-15 12:31:53 +02:00
Tim Rühsen 4306c0cfc0 Fix pkg-config support for libidn and libidn2 2017-07-15 12:31:01 +02:00
Tim Rühsen 0a48980efc Use libidn2 as default 2017-07-14 15:53:31 +02:00
Tim Rühsen 083c8c6801 Fix a few C89 issues 2017-07-14 15:53:31 +02:00
Tim Rühsen 1076ec178c Update internal IDNA corpora from OSS-Fuzz 2017-07-14 15:53:31 +02:00
Tim Rühsen 2cb2266cb1 Update libidn corpora from OSS-Fuzz 2017-07-14 15:53:31 +02:00
Tim Rühsen 5f1176485e Update libidn2 corpora from OSS-Fuzz 2017-07-14 15:53:31 +02:00
Tim Rühsen 9015ae5fc0 Update libicu corpora from OSS-Fuzz 2017-07-14 15:53:31 +02:00
Tim Rühsen 3541a7cb80 Update libicu corpora from OSS-Fuzz 2017-07-13 15:50:04 +02:00
Tim Rühsen a6e4703318 Fix oss-fuzz issue #2600 (buffer overflow in libicu code)
Added a reproducer corpus and fixed the broken libicu code.
The buffer overflow could be triggered by psl_load(), psl_load_fp(),
psl_is_public_suffix(), psl_is_public_suffix2(), psl_unregistrable_domain(),
and psl_registrable_domain().
2017-07-13 15:40:58 +02:00
Tim Rühsen 3f03987897 Fix fuzz/ regression tester building 2017-07-13 15:39:46 +02:00
Tim Rühsen 631362d3d0 Fuzz all types of builds (idn2, idn, icu, none) 2017-07-12 15:37:35 +02:00
Tim Rühsen 2abce22058 Add UBSAN testing for Travis CI 2017-07-09 20:53:56 +02:00
Tim Rühsen 926cc34ade Fix uninitialised value created by stack allocation
Using valgrind testing the fuzz corpora revealed a missing
check in _add_punycode_if_needed() which lead to a
"Uninitialised value was created by a stack allocation".

Thanks to OSS-fuzz for the corpora, thanks valgrind to find this
issue (asan and ubsan didn't find it).
2017-07-09 20:21:55 +02:00
Tim Rühsen d583db99b8 Update oss-fuzz target for static linking 2017-07-08 18:02:52 +02:00
Tim Rühsen 467f035f0a Add one new corpus for libpsl_load_fuzzer 2017-07-08 12:11:50 +02:00
Tim Rühsen 90a1198939 Find static libidn2 via configure 2017-07-06 11:08:20 +02:00
Tim Rühsen 49c9fade7a Fix fuzz/run-clang.sh for CTRL-C 2017-07-02 21:23:10 +02:00
Tim Rühsen f2b9b2447a Remove C++ settings from fuzz/README.md 2017-07-02 21:11:43 +02:00
Tim Rühsen 5e562e6f3b Update fuzzer corpora and scripts 2017-06-30 19:55:55 +02:00
Tim Rühsen 61824edc3d Add oss-fuzz corpora downloader 2017-06-26 19:55:04 +02:00
Tim Rühsen 0cbb7089f6 Enable ASan for Travis CI testing 2017-06-20 21:08:35 +02:00
Tim Rühsen b858480f0d Add --enable-asan --enable-ubsan to contrib/check-hard 2017-06-20 16:44:41 +02:00
Tim Rühsen 492c884d7d Fix memory overflow in LIBICU code of psl_str_to_utf8lower()
Immediately discovered with the new --enable-asan / --enable-ubsan
configure options, thanks to the fuzz corpora.
2017-06-20 16:30:29 +02:00
Tim Rühsen 47734a6f1f Add --enable-asan and --enable-usan configure options 2017-06-20 16:27:18 +02:00
Tim Rühsen e20e6f369b Add clang's CFI instrumentation
Add --enable-cfi ./configure option to enable
LLVM/Clang's Control Flow Integrity for builds.

CFI aborts a program upon detecting certain forms of undefined behavior
that can potentially allow attackers to subvert the program’s control flow.
2017-06-19 17:14:29 +02:00
Tim Rühsen d417badedb New corpora for libpsl_load_fuzzer 2017-06-19 10:49:26 +02:00
Tim Rühsen 81737c9260 New OSS-Fuzz corpora for libpsl_load_dafsa_fuzzer 2017-06-19 10:44:20 +02:00
Tim Rühsen fa69455d07 Add fuzz/ stuff to .gitignore 2017-06-14 14:37:23 +02:00
Tim Rühsen f304dbe324 More fuzzer improvements 2017-06-14 12:48:58 +02:00
Tim Rühsen 43f460d4c5 New OSS-Fuzz corpora for libpsl_fuzzer 2017-06-14 11:40:56 +02:00
Tim Rühsen 44db84e6ec More corpora for libpsl_load_dafsa_fuzzer 2017-06-14 10:00:49 +02:00
Tim Rühsen 666c07b364 New fuzz/libpsl_load_fuzzer.c plus corpus directory 2017-06-14 09:49:07 +02:00
Tim Rühsen 6ca1304bd4 Fix libpsl_load_dafsa_fuzzer for libc6 < 2.22 2017-06-14 09:07:54 +02:00
Tim Rühsen d686c1fff7 Fix memleak in _psl_is_public_suffix() (found by fuzzing) 2017-06-13 22:24:18 +02:00
Tim Rühsen 812e887530 New fuzz corpora 2017-06-13 22:17:09 +02:00
Tim Rühsen 896a5e299a Enhance fuzzing 2017-06-13 22:16:14 +02:00
Tim Rühsen e8f083e867 Add function calls to fuzz/libpsl_fuzzer.c 2017-06-12 17:07:54 +02:00
Tim Rühsen 9da4e94c1a Update fuzz/README.md 2017-06-12 17:07:07 +02:00
Tim Rühsen e584007f42 * src/psl.c (psl_str_to_utf8lower): Fix docs 2017-06-12 17:00:53 +02:00
Tim Rühsen 045bf63031 Fix double free in psl_load_fp(), found by fuzzing 2017-06-09 22:53:19 +02:00
Tim Rühsen bce2e9acb0 fuzz/fuzzer.h: Add extern 'C' 2017-06-09 20:35:46 +02:00
Tim Rühsen f41c6aaf63 Add fuzzing architecture 2017-06-09 16:27:37 +02:00
Tim Rühsen fa2985a535 Update PSL submodule 2017-06-09 11:01:17 +02:00
Tim Rühsen a33feb8ff4 Fix typos found by ka7/misspell_fixer 2017-04-19 11:46:27 +02:00
Tim Rühsen d23cf2bf17 Update PSL submodule 2017-04-19 11:43:11 +02:00
Tim Rühsen 448f6e4564 Fix order of files in psl_latest()
If 'dist_filename' and 'filename' are given and both have the same
age, we want 'dist_filename' (expected DAFSA) being loaded.
2017-02-21 12:18:29 +01:00